Behavioral task
behavioral1
Sample
9fbfcd0e3866fb1499731fb6e2d0dcc3e1acdb8616a7fe8cd776be8f0fa40e3d.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
9fbfcd0e3866fb1499731fb6e2d0dcc3e1acdb8616a7fe8cd776be8f0fa40e3d.exe
Resource
win10v2004-20231023-en
General
-
Target
9fbfcd0e3866fb1499731fb6e2d0dcc3e1acdb8616a7fe8cd776be8f0fa40e3d
-
Size
263KB
-
MD5
a40e5e5230f27530336840c15c1cb9a3
-
SHA1
4fdaa612548ce2075c44eb7c050f7d4bfa88ad65
-
SHA256
9fbfcd0e3866fb1499731fb6e2d0dcc3e1acdb8616a7fe8cd776be8f0fa40e3d
-
SHA512
0b268670dc98e8b02c448707db7829f0bb381d6ff288e0677e2116817b20d90dad8e42c9171048628b2e23c332989d07a1d4f3e1963f5d8dba5c12fa53ba50d2
-
SSDEEP
6144:XTFlWkrkPjBt7jgPn3B48/lodHWABGWMMWm+AIQ/hn5Wm+Lqse9oSsA:XTeEPJ+dHmjJm+AIQ/hkmXse9oST
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9fbfcd0e3866fb1499731fb6e2d0dcc3e1acdb8616a7fe8cd776be8f0fa40e3d
Files
-
9fbfcd0e3866fb1499731fb6e2d0dcc3e1acdb8616a7fe8cd776be8f0fa40e3d.exe windows:6 windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 1.2MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 248KB - Virtual size: 252KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE